CVE-2016-9349

HIGH

Advantech SUISAccess Server <3.0 - Info Disclosure

Title source: llm

Description

An issue was discovered in Advantech SUISAccess Server Version 3.0 and prior. An attacker could traverse the file system and extract files that can result in information disclosure.

Exploits (2)

exploitdb WORKING POC
by James Fitts · rubywebappsjsp
https://www.exploit-db.com/exploits/42402
exploitdb WORKING POC
by James Fitts · rubywebappsjsp
https://www.exploit-db.com/exploits/42401

References (4)

Scores

CVSS v3 7.5
EPSS 0.2369
EPSS Percentile 96.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-200
Status published
Products (2)
advantech/susiaccess < 3.0
n/a/Advantech SUSIAccess Server 3.0 and prior Advantech SUSIAccess Server 3.0 and prior
Published Feb 13, 2017
Tracked Since Feb 18, 2026